Phishing E-mail Hits Bank of America Customers

Security researchers at ScanSafe report that phishers are targeting customers of BofA (Bank of America) with a new e-mail scam.

The fake e-mail, which poses as a message from BofA and has apparently been landing in customers' inboxes, tells the recipient (the customer) that the Bank has detected a number of PCs logging into his banking account, and that several password failures occurred before the account login.

It then states that the recipient must now re-validate his BofA account details with the Bank. This must be done on or before July 31, 2010; otherwise, the e-mail claims, BofA will be compelled to deactivate his account indefinitely to prevent any fraudulent activity through it.

The e-mail then closes formally, asking the recipient to log into his Internet Banking account by clicking on a given web-link, which will supposedly restore his account to normal operation.

According to ScanSafe, the link takes the user to gramsbbq.org/bain (a website belonging to a Californian barbecue establishment). From there, the user is automatically redirected to a phishing page hosted on chasingarcadia.com, another legitimate but hijacked website, this one belonging to a Canadian band.

ScanSafe further states that scammers have been successfully using hijacked legitimate websites for many years to redirect victims to, and host, spoofed or phishing sites. The technique works because it allows phishing messages to pass through well-known filters as well as community-based reputation systems that trust the hijacked site.

Mary Landesman, Senior Security Researcher at ScanSafe, states that this method increases the collateral damage: if the hijacked websites are blocklisted, their owners may suffer business losses, as reported on Blog.scansafe during the second week of July 2010.

According to the researchers, these scams are easy to spot, provided the user knows what to look for. In this instance, hovering the mouse pointer over the web-link reveals a domain name that does not belong to the Bank's authorized domain but leads somewhere else entirely. And if the user does click the web-link, the URL shown in the browser's address bar again makes it clear that the page is not the genuine site.
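The hover check described above can be automated for an inbound-mail filter or a user-awareness tool: extract every link from the HTML body and flag any whose real destination host is not under the bank's own domain. This is an added example and not ScanSafe's or the Bank's code; the authorized-domain set, the two-label registrable-domain rule and the sample message are assumptions made for the demonstration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Domains the bank legitimately uses for online banking (assumption for this example).
AUTHORIZED_DOMAINS = {"bankofamerica.com"}

class _LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs for every <a> element in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def registrable_domain(host):
    """Last two labels of the host; adequate for .com/.org (no public-suffix list used here)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()

def suspicious_links(html_body, authorized=AUTHORIZED_DOMAINS):
    """Return links whose real destination is not under an authorized bank domain.
    Comparing the registrable domain also catches look-alikes such as
    bankofamerica.com.example.net, whose registrable domain is example.net."""
    collector = _LinkCollector()
    collector.feed(html_body)
    findings = []
    for href, text in collector.links:
        host = urlparse(href).hostname or ""
        if registrable_domain(host) not in authorized:
            findings.append({"href": href, "text": text, "host": host})
    return findings

# Constructed sample modelled on the lure described in the article (not the real message).
SAMPLE_EMAIL = """
<p>We detected several computers logged into your account with multiple password failures.</p>
<p>Please <a href="http://gramsbbq.org/bain">log in to Online Banking</a> before July 31, 2010
to revalidate your details, or visit <a href="https://www.bankofamerica.com/">bankofamerica.com</a>.</p>
"""

if __name__ == "__main__":
    for f in suspicious_links(SAMPLE_EMAIL):
        print(f"suspicious: '{f['text']}' -> {f['href']} (host {f['host']})")
```

Only the barbecue-site link is reported; the genuine bankofamerica.com link passes because its registrable domain is on the authorized list.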